Fundamental aim

enable 2 people to communicate over n insecure channel in such way that their connection is secure, as in an opponent (eavesdropper) can not understand them

Cryptosystem

5-tupe P,C,K,E,D
- P = plaintext
- C = ciphertext
- K = possible keys
- for each k in K there is an encryption rule e in E and a description rule d in D
each encryption function must be injective
if P = C then each e(k) is a permutation

Protection

there’s no such thing as a perfectly, 100% secure, computer system, there will always be bugs and security experts know that
system architects employ a strategy called defence in depth, which uses many layers of varying security mechanisms to frustrate attackers
it’s a bit like how castles are designed:
- first you’ve got to dodge the archers, then cross the moat, scale the walls, avoid the hot oil, get over the ramparts, and defeat the guards before you get to the throne room, but in this case we’re talking about one of the most common forms of computer security

Cryptography

cryptography = ‘crypto’ and ‘graphy’, roughly translating to “secret writing”
cipher
- an algorithm that converts plain text into ciphertext, which is gibberish unless you have a key that lets you undo the cipher
encryption = process of making text secret
decryption = the reverse process

ciphers have been used long before computers showed up:
- Julius Caesar used what’s now called a Caesar cipher, to encrypt private correspondence
  - he would shift the letters in a message forward by three places
    - A became D, and the word "brutus" became this: "euxwxv"
  - to decipher the message, recipients had to know both the algorithm and the number to shift by, which acted as the key
the Caesar cipher is one example of a larger class of techniques called substitution ciphers
replace every letter in a message with something else according to a translation
drawback of basic substitution ciphers is that letter frequencies are preserved